Field Analysis
The Recruiting Repo Is the Payload
A fake recruiter asking a candidate to review an MVP repo shows why unsolicited source code is not a document. It is an executable threat surface with access to developer secrets.
Tag
7 articles covering Credential Theft across campaign analysis, detection engineering, and defender tradecraft.
Field Analysis
A fake recruiter asking a candidate to review an MVP repo shows why unsolicited source code is not a document. It is an executable threat surface with access to developer secrets.
Field Analysis
Recent exploitation of CVE-2026-35616 turned FortiClient EMS into a malware delivery channel, pushing an EKZ credential stealer through trusted endpoint management paths.
Read more:Arctic WolfArctic Wolf
Field Analysis
Recent code-of-conduct phishing campaigns show how attackers blend HR pressure, PDF staging, CAPTCHA gates, and AiTM flows to steal session tokens.
Field Analysis
Persistent OAuth grants let third-party apps keep operating after the original login, password reset, or employee lifecycle event has faded from view.
Read more:The Hacker NewsMicrosoft Learn
Field Analysis
A newly reported kit packages templates, domain setup, anti-analysis controls, session monitoring, and AI-assisted drafting into one operator console.
Read more:BleepingComputerVaronis
Field Analysis
Microsoft's Q1 2026 email threat review shows link-based phishing dominance, QR code growth, CAPTCHA-gated flows, and persistent business email compromise pressure.
Read more:Microsoft Security Blog
Field Analysis
Recent package compromises show how developer trust can be abused to harvest credentials and seed downstream phishing risk.
Read more:BleepingComputerCISA